Plaid Link Auth Flow

Plaid and Vesta have partnered together to enable businesses to transact over ACH with confidence by offering a guarantee for every approved transaction. Plaid’s seamless account-linking experience married with Vesta’s industry-leading fraud detection technology help to both increase conversion and minimize losses. Available as a full-service processing solution or layered on top of your existing payment facilitator, Plaid and Vesta’s Guaranteed ACH solution is designed for maximum convenience and flexibility.

With the Plaid + Vesta integration, your users can verify their accounts in seconds by inputting their banking credentials in Plaid’s front-end module. Plaid’s mobile-friendly module handles input validation, error handling, and multi-factor authentication–providing a seamless onboarding experience to convert more users for your business. Vesta then runs a fraud risk analysis on the connected account, assesses each transaction and approves it for a guarantee. Once approved, Vesta can either initiate the payment as a full-service solution, or return feedback so you can instruct your existing processor to run the transaction, as a truly processor-agnostic solution.

To get started, sign up for Plaid API keys or try out the Plaid demo.

Getting Started

You'll first want to familiarize yourself with Plaid Link, a drop-in integration for the Plaid API that handles input validation, error handling, and multi-factor authentication. You will also need to create or be an existing Vesta customer in order to add a bank funding source.

Your customers will use Link to authenticate with their financial institution and select the bank account they wish to use for ACH transactions. From there, you'll receive a Plaid access_token and a Vesta processor_token, which allows you to quickly and securely verify a bank funding source via Vesta's API without having to store any sensitive banking information. Utilizing Plaid + Vesta enables a seamless workflow for sending and receiving payments.

Instructions

Step 1: Set up your Plaid and Vesta accounts

You'll need accounts at both Plaid and Vesta in order to use the Plaid + Vesta integration. You'll also need to enable your Plaid account for the Vesta integration.

First, you will need to work with the Vesta team to sign up for an Vesta account, if you do not already have one.

Next, verify that your Plaid account is enabled for the integration. If you do not have a Plaid account, create one. Your account will be automatically enabled for integration access.

To verify that your Plaid account is enabled for the integration, go to the Integrations section of the account dashboard.

If the integration is off, simply click the 'Enable' button for Vesta to enable the integration.

Step 2: Fetch a Link token

A link_token is a one-time use token that is used to initialize Plaid Link. You can create a link_token and configure it for your specific Link flow by calling the /link/token/create endpoint from your server.

Fetch a Link token

Step 3: Integrate with Plaid Link

Integrating with Link is easy. All it takes is a few lines of client-side JavaScript and a small server-side handler to exchange the Link public_token for a Plaid access_token and a Vesta processor_token.

Integrate with Link

See the parameter reference for complete documentation on possible configurations.

Plaid.create accepts one argument, a configuration Object, and returns an Object with two functions, open and exit . Calling open will display the "Institution Select" view and calling exit will close Link.

Step 4: Write server-side handler

Plaid’s Link module handles the entire onboarding flow securely and quickly, but does not actually retrieve account data for a user. Instead, the Link module returns a public_token and an account_id (a property on the metadata object) via the onSuccess callback.

This public_token must be exchanged for a Plaid access_token using the /item/public_token/exchange API endpoint. Once you have the access_token for the Item, you'll create a Vesta processor_token. You'll send this token to Vesta and they will use it to securely retrieve account and routing numbers from Plaid.

You can create valid Vesta processor_tokens in the following Plaid API environments:

Server-side handler

const plaid = require('plaid');

// Change sandbox to development to test with live users;
// Change to production when you're ready to go live!
const plaidClient = new plaid.Client({
  clientID: PLAID_CLIENT_ID,
  secret: PLAID_SECRET,
  env: plaid.environments.sandbox
});

// Exchange the public_token from Plaid Link for an access token.
plaidClient.exchangePublicToken(public_token, function(err, res) {
  const accessToken = res.access_token;
  // Create a processor token for a specific account id.
  plaidClient.createProcessorToken(
    accessToken,
    accountId,
    'vesta',
    function(err, res) {
      const processorToken = res.processor_token;
    }
  );
});

# Exchange the public token from Plaid Link for an access token.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "public_token": "PUBLIC_TOKEN"
  }' \
  -X POST \
  https://sandbox.plaid.com/item/public_token/exchange

# Create a processor token for a specific account id.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "access_token": "ACCESS_TOKEN",
    "account_id": "ACCOUNT_ID",
    "processor": "vesta"
  }' \
  -X POST \
  https://sandbox.plaid.com/processor/token/create

require 'plaid'

# Change sandbox to development to test with live users;
# Change to production when you're ready to go live!
client = Plaid::Client.new(env: :sandbox,
                           client_id: PLAID_CLIENT_ID,
                           secret: PLAID_SECRET)

# Exchange the public token from Plaid Link for an access token.
exchange_response = client.item.public_token.exchange(public_token)
access_token = exchange_response.access_token

# Create a processor token for a specific account id.
create_response = client.processor_token.create(access_token, account_id, "vesta")
processor_token = create_response.processor_token

// Support Coming Soon

from plaid import Client

# Change sandbox to development to test with live users;
# Change to production when you're ready to go live!
client = Client(
  client_id=PLAID_CLIENT_ID,
  secret=PLAID_SECRET,
  environment='sandbox'
)

# Exchange the public token from Plaid Link for an access token.
exchange_token_response = client.Item.public_token.exchange(public_token)
access_token = exchange_token_response['access_token']

# Create a processor token for a specific account id.
create_response = client.Processor.ProcessorTokenCreate(access_token, account_id, "vesta")
processor_token = create_response['processor_token']

For a valid request, the API will return a JSON response similar to:

Processor Token response

{
"processor_token": "processor-sandbox-0asd1-a92nc",
"request_id": "[Unique request ID]"
}

For possible error codes, see the full listing of Plaid error codes.

Step 5: Test with sandbox credentials

Link's sandbox mode is compatible with Plaid's Sandbox API environment. To test the integration in sandbox mode, simply use the Plaid sandbox credentials.

Step 6: Get ready for production

Your account is immediately enabled for our sandbox environment. To move to Production, please request access from the Dashboard. You will want to ensure that you have valid Vesta Production credentials prior to verifying bank funding sources in the Vesta API with Plaid.

Support and questions

Find answers to many common integration questions and concerns—such as pricing, sandbox and test mode usage, and more—at our Help Center and docs.

If you're still stuck, open a support ticket with information describing the issue that you're experiencing and we'll get back to you as soon as we can.